<?php
//****************************************************************
//Author: Alex Zdvorak
//Date: 12/6/2009
//contact: zdvor001@csusm.edu
//
// Purpose: The purpose of employeeedit_results.php is to 
//			display the results submitted by editemployee.php
//			This page will confirm a successfull update
//			Or inform the user if the query failed. The page
//			can only be used by managers.
//
// Expected: This page recieves the post variable 'empID' to
//			determine what employee to edit.
//
// Output: This page displays success of fail.
//****************************************************************
session_start();
require_once 'php_includes.php';

//Make sure logged in
checkLogin();

if(!$_POST['empID'])
{

	echo "Did not receive expected post value.\n";
	
}
else
{
	$type = $_POST['editType'];
	$empID = $_POST['empID'];
	$newValue = $_POST['newValue'];
	
	$_SESSION['empID'] = $_POST['empID'];//fix
	
}

//make sure it is a manager logged on
checkManager();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  
  <head>
    <title>Payroll and Timesheet Management Website</title>
    <link rel="stylesheet" type="text/css" href="styles.css"/>
  </head>
  <body>
        
  
		<?php
            //Establishes connection to the database
            sqlConnect();
            $con=sqlConnect();
            mysql_select_db("titans", $con);

          
			$SQLstring="UPDATE Employee SET $type='$newValue' WHERE EmployeeID = '$empID'";
			$sqlresult=sqlQuery($SQLstring);
			//Print Results
			if($sqlresult)
			{
				echo "<p>";
				echo "Update Successful.";
				echo "</p>";
				echo "<input type=\"button\" value=\"Close\" onclick=\"javascript:window.opener.location.href='employee.php'; window.close();\"/>";
			}
		
		
			sqlExit();
		?>
  </body>
</html>